Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/J70pX2_VrFqK6g8QG8ZcpCjQ0lw.roa
File: J70pX2_VrFqK6g8QG8ZcpCjQ0lw.roa (raw, json)
Hash identifier: QDeMmWNYCZVQaE8awlYHzXMQyuq7TXuynp3lltUYdrs=
Subject key identifier: 27:BD:29:5F:6F:D5:AC:5A:8A:EA:0F:10:1B:C6:5C:A4:28:D0:D2:5C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6AD7D6427D83A1BF02741C49C0436BC8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/J70pX2_VrFqK6g8QG8ZcpCjQ0lw.roa
Signing time: Wed 06 Sep 2023 14:14:04 +0000
ROA not before: Wed 06 Sep 2023 14:14:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:d7:d6:42:7d:83:a1:bf:02:74:1c:49:c0:43:6b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 14:14:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27bd295f6fd5ac5a8aea0f101bc65ca428d0d25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:57:d5:45:80:e3:58:64:17:a1:dc:91:82:99:
cc:cc:d1:20:d6:23:c4:6b:8a:fe:5c:7c:f8:c0:a5:
ee:60:08:72:ca:59:6d:62:ce:76:1b:66:96:38:84:
fc:24:50:35:dd:fc:c3:e9:5c:20:7f:da:8d:24:00:
4c:0d:23:a1:25:6b:0a:56:e8:a4:63:26:49:4b:e3:
88:70:f7:3b:64:f9:68:5c:54:d6:f5:a5:42:bd:97:
f6:4c:e0:ee:94:39:9d:d7:14:88:e3:60:71:32:f6:
f2:fe:f7:0b:b1:e1:83:13:2c:f9:4f:94:be:1e:6c:
ca:db:88:56:b8:16:ce:d0:a3:12:10:f1:7a:3d:ae:
0d:44:65:5a:ea:51:c0:d5:fd:eb:22:a0:f8:fe:86:
18:06:22:d9:0c:44:b5:8c:24:e8:af:ab:a0:b5:6a:
f1:70:53:b7:71:3e:f7:6e:df:11:9a:fc:18:98:f4:
4e:42:b8:74:23:40:71:ca:9f:94:95:b6:f9:23:8d:
29:9d:9d:e6:a1:e6:78:b2:e8:f4:f6:12:af:82:3f:
e7:fa:97:ae:51:e4:c4:14:68:42:9a:c1:58:d2:e7:
af:f9:41:4b:ab:62:cf:c0:9a:e1:9f:26:e5:d5:83:
91:af:14:3c:cd:d6:4d:34:5d:87:ae:d1:38:b3:30:
97:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BD:29:5F:6F:D5:AC:5A:8A:EA:0F:10:1B:C6:5C:A4:28:D0:D2:5C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/J70pX2_VrFqK6g8QG8ZcpCjQ0lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:c4:d8:15:30:60:2f:a6:6b:8d:66:cb:57:46:06:19:50:f6:
65:81:3c:ba:1e:69:ae:3e:e5:ca:35:a0:61:20:2e:f9:6d:23:
e8:7c:93:9e:ba:06:01:70:13:3d:c1:ea:b2:60:e8:6d:1c:55:
b6:15:4c:58:85:d1:f9:d1:b2:a6:f4:6d:95:61:be:0f:bf:29:
7e:2f:2a:53:68:0c:a9:80:7f:2b:70:2b:37:0e:0e:49:59:02:
a7:bd:8e:78:d3:96:66:a7:66:06:3d:7b:3c:54:1a:ce:df:b9:
f2:61:4b:40:26:ea:8f:e1:f5:b9:27:b8:ec:3b:53:91:75:53:
a6:28:38:b2:97:d0:e1:b8:61:61:3a:da:93:1e:fa:1f:8d:d4:
09:d4:3d:bd:cf:12:74:69:e1:9f:27:6f:64:03:33:78:5b:25:
84:7a:75:c4:fc:68:e8:db:4e:37:4d:6e:37:6e:98:ea:4a:8e:
69:7c:00:93:18:4b:e9:ec:c8:e1:28:c9:a1:43:17:87:d3:56:
f0:20:f7:b6:7a:f2:e5:25:6b:80:94:08:5b:10:4d:3e:13:07:
5b:42:2c:86:0b:61:11:ef:25:11:b7:4b:19:49:82:8c:03:bd:
b6:e9:9f:f9:a1:b7:39:2b:98:b7:73:0c:38:1e:2e:95:1c:2f:
00:56:4a:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpq19ZCfYOhvwJ0HEnAQ2vIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTQxNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JkMjk1ZjZmZDVhYzVhOGFlYTBmMTAxYmM2NWNhNDI4ZDBkMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVfVRYDjWGQXodyRgpnMzNEg1iPE
a4r+XHz4wKXuYAhyylltYs52G2aWOIT8JFA13fzD6Vwgf9qNJABMDSOhJWsKVuik
YyZJS+OIcPc7ZPloXFTW9aVCvZf2TODulDmd1xSI42BxMvby/vcLseGDEyz5T5S+
HmzK24hWuBbO0KMSEPF6Pa4NRGVa6lHA1f3rIqD4/oYYBiLZDES1jCTor6ugtWrx
cFO3cT73bt8RmvwYmPROQrh0I0Bxyp+Ulbb5I40pnZ3moeZ4suj09hKvgj/n+peu
UeTEFGhCmsFY0uev+UFLq2LPwJrhnybl1YORrxQ8zdZNNF2HrtE4szCXbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCe9KV9v1axaiuoPEBvGXKQo0NJcMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSjcwcFgyX1ZyRnFLNmc4UUc4WmNwQ2pRMGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJjE2BUwYC+ma41my1dG
BhlQ9mWBPLoeaa4+5co1oGEgLvltI+h8k566BgFwEz3B6rJg6G0cVbYVTFiF0fnR
sqb0bZVhvg+/KX4vKlNoDKmAfytwKzcODklZAqe9jnjTlmanZgY9ezxUGs7fufJh
S0Am6o/h9bknuOw7U5F1U6YoOLKX0OG4YWE62pMe+h+N1AnUPb3PEnRp4Z8nb2QD
M3hbJYR6dcT8aOjbTjdNbjdumOpKjml8AJMYS+nsyOEoyaFDF4fTVvAg97Z68uUl
a4CUCFsQTT4TB1tCLIYLYRHvJRG3SxlJgowDvbbpn/mhtzkrmLdzDDgeLpUcLwBW
Sj8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:13:11 2025 by rpki-client